Skip to main content
CVE-2021-27232 HIGH POC This Week

The RTSPLive555.dll ActiveX control in Pelco Digital Sentry Server 7.18.72.11464 has a SetCameraConnectionParameter stack-based buffer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Digital Sentry Server
NVD GitHub
CVSS 3.1
8.8
EPSS
1.7%
CVE-2021-21315 HIGH POC KEV PATCH THREAT This Week

The System Information Library for Node.JS (npm package "systeminformation") is an open source collection of functions to retrieve detailed hardware, system and OS information. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Node.js Command Injection Systeminformation Cordova
NVD GitHub
CVSS 3.1
7.8
EPSS
90.2%
CVE-2021-20074 HIGH This Week

Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows users to escape the provided command line interface and execute arbitrary OS commands. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection M Dge Firmware
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2021-20073 HIGH This Week

Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for cross-site request forgeries. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF M Dge Firmware
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-27229 HIGH PATCH This Week

Mumble before 1.3.4 allows remote code execution if a victim navigates to a crafted URL on a server list and clicks on the Open Webpage text. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Mumble Debian Linux
NVD GitHub
CVSS 3.1
8.8
EPSS
3.2%
CVE-2021-20987 HIGH This Week

A denial of service and memory corruption vulnerability was found in Hilscher EtherNet/IP Core V2 prior to V2.13.0.21that may lead to code injection through network or make devices crash without. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Ethernet Ip Adapter Firmware Wcs Firmware +6
NVD
CVSS 3.1
8.6
EPSS
1.1%
CVE-2021-27102 HIGH KEV THREAT This Week

Accellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service call. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Fta
NVD GitHub
CVSS 3.1
7.8
EPSS
3.6%
CVE-2021-20075 HIGH This Week

Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for privilege escalation via configd. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation M Dge Firmware
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-21316 HIGH PATCH This Week

less-openui5 is an npm package which enables building OpenUI5 themes with Less.js. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Node.js Information Disclosure Less Openui5
NVD GitHub
CVSS 3.1
7.8
EPSS
1.0%
CVE-2021-23840 HIGH PATCH This Week

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

OpenSSL Integer Overflow Denial Of Service Debian Linux Log Correlation Engine +18
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-20986 HIGH This Week

A Denial of Service vulnerability was found in Hilscher PROFINET IO Device V3 in versions prior to V3.14.0.7. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Profinet Io Device Firmware Pgv100 F200A B17 V1D Firmware +22
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-20072 HIGH This Week

Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to arbitrarily access and delete files via an authenticated directory traveral. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal M Dge Firmware
NVD
CVSS 3.1
7.2
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy